Vulnerabilities > Ithemes

DATE	CVE	VULNERABILITY TITLE	RISK
2019-08-28	CVE-2015-9372	Cross-site Scripting vulnerability in Ithemes Membership Membership Add-on for iThemes Exchange before 1.3.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). network low complexity ithemes CWE-79	6.1
2019-08-28	CVE-2015-9371	Cross-site Scripting vulnerability in Ithemes Manual Purchases Manual Purchases Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). network low complexity ithemes CWE-79	6.1
2019-08-28	CVE-2015-9370	Cross-site Scripting vulnerability in Ithemes Invoices Invoices Add-on for iThemes Exchange before 1.4.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). network low complexity ithemes CWE-79	6.1
2019-08-28	CVE-2015-9369	Cross-site Scripting vulnerability in Ithemes Easy US Sales Taxes Easy US Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). network low complexity ithemes CWE-79	6.1
2019-08-28	CVE-2015-9368	Cross-site Scripting vulnerability in Ithemes Easy EU Value Added (Vat) Taxes Easy EU Value Added (VAT) Taxes Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). network low complexity ithemes CWE-79	6.1
2019-08-28	CVE-2015-9367	Cross-site Scripting vulnerability in Ithemes Easy Canadian Sales Taxes Easy Canadian Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). network low complexity ithemes CWE-79	6.1
2019-08-28	CVE-2015-9366	Cross-site Scripting vulnerability in Ithemes Custom URL Tracking Custom URL Tracking Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). network low complexity ithemes CWE-79	6.1
2019-08-28	CVE-2015-9365	Cross-site Scripting vulnerability in Ithemes Authorize.Net Authorize.net Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). network low complexity ithemes CWE-79	6.1
2019-08-28	CVE-2015-9363	Cross-site Scripting vulnerability in Ithemes Exchange iThemes Exchange before 1.12.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). network low complexity ithemes CWE-79	6.1
2018-06-22	CVE-2018-12636	SQL Injection vulnerability in Ithemes Security The iThemes Security (better-wp-security) plugin before 7.0.3 for WordPress allows SQL Injection (by attackers with Admin privileges) via the logs page. network low complexity ithemes CWE-89	7.2

Vulnerabilities > Ithemes {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Ithemes"}]}

Vulnerabilities > Ithemes